Securing Elasticsearch cluster

We know it is strongly recommended in Linux to disable root user.
We know it is also recommended to disable root user in Mysql.

I do not know why we can not disable/rename superuser "elastic" in elasticsearch and we can only add password for securing elastic search?

What's the difference?

You can disable the elastic user if you want.

From Built-in users | Elasticsearch Reference [7.12] | Elastic

The built-in users can be disabled individually, using the disable users API.

The question is what value you think you get from doing that, but it is entirely possible.

1 Like